Commit graph

1741 commits

Author SHA1 Message Date
Andres Amaya Garcia
6ee7dad896 Allow forcing 64-bit integer type
Allow forcing 64-bit integer type for bignum operations. Also introduce
the macro MBEDTLS_TYPE_UDBL to allow configuration of the double length
integer in unknown compilers.
2017-07-22 11:53:56 +02:00
Andres Amaya Garcia
05d9535c90 Enable 64-bit compilation with ARM Compiler 6
This patch fixes the conditional preprocessor directives in
include/mbedtls/bignum.h to enable 64-bit compilation with ARM
Compiler 6.
2017-07-22 11:53:56 +02:00
Simon Butcher
c0da47dd1e Fix platform setup/teardown feature and comments
Fixed the platform setup/teardown feature, by fixing it for doxygen and adding it
as a feature  in 'version_features.c'.
2017-07-21 23:48:55 +01:00
Simon Butcher
be4f75c12f Add additional comments to platform setup/teardown functions 2017-07-21 02:15:14 +02:00
Andres Amaya Garcia
9da69514ec Rename macro SETUP_ALT to SETUP_TEARDOWN_ALT
Rename the macro MBEDTLS_PLATFORM_SETUP_ALT to
MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT to make the name more descriptive
as this macro enables/disables both functions.
2017-07-21 02:12:49 +02:00
Andres Amaya Garcia
9d80a36336 Improve documentation for mbedtls_platform_context 2017-07-21 02:12:49 +02:00
Andres Amaya Garcia
82d7314c43 Remove internal functions from setup API 2017-07-21 02:12:49 +02:00
Andres Amaya Garcia
122d899296 Add library setup and teardown APIs
Add the following two functions to allow platform setup and teardown
operations for the full library to be hooked in:

* mbedtls_platform_setup()
* mbedtls_platform_teardown()

An mbedtls_platform_context C structure is also added and two internal
functions that are called by the corresponding setup and teardown
functions above:

* mbedtls_internal_platform_setup()
* mbedtls_internal_plartform_teardown()

Finally, the macro MBEDTLS_PLATFORM_SETUP_ALT is also added to allow
mbedtls_platform_context and internal function to be overriden by the
user as needed for a platform.
2017-07-21 02:11:35 +02:00
Hanno Becker
1a28b01b5e Make minor changes to documentation 2017-07-20 12:36:53 +02:00
Hanno Becker
489b985fae Export mbedtls_aes_(en/de)crypt to retain for API compatibility
The commit f5bf7189d3 made the AES
functions mbedtls_aes_encrypt and mbedtls_aes_decrypt static, changing
the library's API.

This commit reverts this.
2017-07-20 12:36:53 +02:00
Hanno Becker
649dcab175 Clarify documentation for alternative AES implementations
The functions mbedtls_aes_decrypt and mbedtls_aes_encrypt have been
superseded by mbedtls_aes_internal_decrypt and
mbedtls_aes_internal_encrypt, respectively. Alternative
implementations should now only replace the latter, and leave the
maintenance wrapper definitions of the former untouched.

This commit clarifies this in the documentation of the respective
configuration options MBEDTLS_AES_DECRYPT_ALT and
MBEDTLS_AES_ENCRYPT_ALT.
2017-07-20 12:36:53 +02:00
Hanno Becker
544039ac59 Undo API change
The previous commit b3e6872c9381ed4ce020d631dda1e0126c42b64f changed
to public functions from ssl_ciphersuite.h to static inline. This
commit reverts this change.
2017-07-20 12:36:53 +02:00
Janos Follath
a9e775efe4 Remove mutexes from ECP hardware acceleration
Protecting the ECP hardware acceleratior with mutexes is inconsistent with the
philosophy of the library. Pre-existing hardware accelerator interfaces
leave concurrency support to the underlying platform.

Fixes #863
2017-07-19 02:07:59 +01:00
Hanno Becker
248ae6dbb8 Improve documentation of PKCS1 decryption functions
Document the preconditions on the input and output buffers for
the PKCS1 decryption functions
- mbedtls_rsa_pkcs1_decrypt,
- mbedtls_rsa_rsaes_pkcs1_v15_decrypt
- mbedtls_rsa_rsaes_oaep_decrypt
2017-07-19 01:46:44 +01:00
Manuel Pégourié-Gonnard
760c9b91d7 Update doc of return value of verify() 2017-07-06 15:00:32 +02:00
Manuel Pégourié-Gonnard
31458a1878 Only return VERIFY_FAILED from a single point
Everything else is a fatal error. Also improve documentation about that for
the vrfy callback.
2017-07-06 11:58:41 +02:00
Simon Butcher
f2a597fa3d Update the version number to 2.5.1 2017-06-20 23:08:10 +01:00
Andres Amaya Garcia
fd48739461 Add AES feature unavailable error code 2017-06-14 16:19:12 +01:00
Manuel Pégourié-Gonnard
4a42f3c405 Merge remote-tracking branch 'restricted/iotssl-1398' into development-restricted
* restricted/iotssl-1398:
  Add ChangeLog entry
  Ensure application data records are not kept when fully processed
  Add hard assertion to mbedtls_ssl_read_record_layer
  Fix mbedtls_ssl_read
  Simplify retaining of messages for future processing
2017-06-09 15:02:40 +02:00
Manuel Pégourié-Gonnard
db108ac944 Merge remote-tracking branch 'hanno/mpi_read_file_underflow' into development
* hanno/mpi_read_file_underflow:
  Fix potential stack underflow in mpi_read_file.
2017-06-08 19:48:03 +02:00
Manuel Pégourié-Gonnard
1178ac5e77 Merge remote-tracking branch 'hanno/sliding_exponentiation' into development
* hanno/sliding_exponentiation:
  Adapt ChangeLog
  Abort modular inversion when modulus is one.
  Correct sign in modular exponentiation algorithm.
2017-06-08 19:46:30 +02:00
Hanno Becker
4a810fba69 Fix mbedtls_ssl_read
Don't fetch a new record in mbedtls_ssl_read_record_layer as long as an application data record is being processed.
2017-06-08 10:12:16 +01:00
Hanno Becker
af0665d8b0 Simplify retaining of messages for future processing
There are situations in which it is not clear what message to expect
next. For example, the message following the ServerHello might be
either a Certificate, a ServerKeyExchange or a CertificateRequest. We
deal with this situation in the following way: Initially, the message
processing function for one of the allowed message types is called,
which fetches and decodes a new message. If that message is not the
expected one, the function returns successfully (instead of throwing
an error as usual for unexpected messages), and the handshake
continues to the processing function for the next possible message. To
not have this function fetch a new message, a flag in the SSL context
structure is used to indicate that the last message was retained for
further processing, and if that's set, the following processing
function will not fetch a new record.

This commit simplifies the usage of this message-retaining parameter
by doing the check within the record-fetching routine instead of the
specific message-processing routines. The code gets cleaner this way
and allows retaining messages to be used in other situations as well
without much effort. This will be used in the next commits.
2017-06-08 10:12:16 +01:00
Manuel Pégourié-Gonnard
c44c3c288d Merge remote-tracking branch 'janos/iotssl-1156-ecdsa-sample-and-doc-clarification' into development
* janos/iotssl-1156-ecdsa-sample-and-doc-clarification:
  Clarify the use of ECDSA API
2017-06-08 10:16:54 +02:00
Gilles Peskine
f11d33b2df Cleaned up negative test predicate for test case
The test infrastructure does support negative predicates for test
cases, thanks to Andreas for letting me know.
2017-06-06 19:16:18 +02:00
Gilles Peskine
5d2511c4d4 SHA-1 deprecation: allow it in key exchange
By default, keep allowing SHA-1 in key exchange signatures. Disabling
it causes compatibility issues, especially with clients that use
TLS1.2 but don't send the signature_algorithms extension.

SHA-1 is forbidden in certificates by default, since it's vulnerable
to offline collision-based attacks.
2017-06-06 18:44:14 +02:00
Gilles Peskine
4fa6bed0c6 X.509 tests: obey compile-time SHA-1 support option
There is now one test case to validate that SHA-1 is rejected in
certificates by default, and one test case to validate that SHA-1 is
supported if MBEDTLS_TLS_DEFAULT_ALLOW_SHA1 is #defined.
2017-06-06 18:44:14 +02:00
Gilles Peskine
5e79cb3662 Remove SHA-1 in TLS by default
Default to forbidding the use of SHA-1 in TLS where it is unsafe: for
certificate signing, and as the signature hash algorithm for the TLS
1.2 handshake signature. SHA-1 remains allowed in HMAC-SHA-1 in the
XXX_SHA ciphersuites and in the PRF for TLS <= 1.1.

For easy backward compatibility for use in controlled environments,
turn on the MBEDTLS_TLS_DEFAULT_ALLOW_SHA1 compiled-time option.
2017-06-06 18:44:13 +02:00
Manuel Pégourié-Gonnard
23b33f8663 Merge remote-tracking branch 'hanno/sig_hash_compatibility' into development
* hanno/sig_hash_compatibility:
  Improve documentation
  Split long lines
  Remember suitable hash function for any signature algorithm.
  Introduce macros and functions to characterize certain ciphersuites.
2017-06-06 18:14:57 +02:00
Simon Butcher
9f77017a8d Updated version number to 2.5.0 2017-05-16 10:22:37 +01:00
Andres AG
f5bf7189d3 Change return type of AES decrypt and encrypt
This patch modifies the following 2 functions in the AES module to
change the return type from void to int:
    * mbedtls_aes_encrypt() -> mbedtls_internal_aes_encrypt()
    * mbedtls_aes_decrypt() -> mbedtls_internal_aes_decrypt()
This change is necessary to allow users of MBEDTLS_AES_ALT,
MBEDTLS_AES_DECRYPT_ALT and MBEDTLS_AES_ENCRYPT_ALT to return an error
code when replacing the default with their own implementation, e.g.
a hardware crypto accelerator.
2017-05-16 10:22:37 +01:00
Janos Follath
088ce43ffe Implement optional CA list suppression in Certificate Request
According to RFC5246 the server can indicate the known Certificate
Authorities or can constrain the aurhorisation space by sending a
certificate list. This part of the message is optional and if omitted,
the client may send any certificate in the response.

The previous behaviour of mbed TLS was to always send the name of all the
CAs that are configured as root CAs. In certain cases this might cause
usability and privacy issues for example:
- If the list of the CA names is longer than the peers input buffer then
  the handshake will fail
- If the configured CAs belong to third parties, this message gives away
  information on the relations to these third parties

Therefore we introduce an option to suppress the CA list in the
Certificate Request message.

Providing this feature as a runtime option comes with a little cost in
code size and advantages in maintenance and flexibility.
2017-05-16 10:22:37 +01:00
Andres Amaya Garcia
75fdf631fd Remove obsolete macros from compat-1.3.h 2017-05-16 10:22:37 +01:00
Hanno Becker
7e5437a972 Remember suitable hash function for any signature algorithm.
This commit changes `ssl_parse_signature_algorithms_ext` to remember
one suitable ( := supported by client and by our config ) hash
algorithm per signature algorithm.

It also modifies the ciphersuite checking function
`ssl_ciphersuite_match` to refuse a suite if there
is no suitable hash algorithm.

Finally, it adds the corresponding entry to the ChangeLog.
2017-05-15 11:50:11 +01:00
Hanno Becker
1aa267cbc3 Introduce macros and functions to characterize certain ciphersuites.
The routine `mbedtls_ssl_write_server_key_exchange` heavily depends on
what kind of cipher suite is active: some don't need a
ServerKeyExchange at all, some need (EC)DH parameters but no server
signature, some require both. Each time we want to restrict a certain
piece of code to some class of ciphersuites, it is guarded by a
lengthy concatentation of configuration checks determining whether at
least one of the relevant cipher suites is enabled in the config; on
the code level, it is guarded by the check whether one of these
cipher suites is the active one.

To ease readability of the code, this commit introduces several helper
macros and helper functions that can be used to determine whether a
certain class of ciphersuites (a) is active in the config, and
(b) contains the currently present ciphersuite.
2017-05-15 11:46:57 +01:00
Andres Amaya Garcia
af610a0baf Fix check-doxy-blocks.pl errors (cmac.c ecjpake.h) 2017-05-12 00:18:04 +01:00
Janos Follath
5634b8609b Apply feedback to ECP internal interface documentation 2017-05-11 22:42:14 +01:00
Janos Follath
aab9efb4ce Add doxygen documentation to the new ECP interface
Document the functions in the Elliptic Curve Point module hardware
acceleration to guide silicon vendors when implementing the drivers.
2017-05-11 22:42:14 +01:00
Janos Follath
333d163523 Remove obsolote ECP abstraction macros
Some macros have been removed from the Elliptic Curve Point abstraction
layer, and they shouldn't have remained in the check_config.h
2017-05-11 22:42:14 +01:00
Janos Follath
c44ab97cc9 Apply review feedback on ECP interface
Naming conventions are revised, style issues corrected and minor
optimisation added.
2017-05-11 22:42:14 +01:00
Janos Follath
b8a90fb51c Update ECP hardware abstraction interface
With this commit the Elliptic Curve Point interface is rewised. Two
compile time options has been removed to simplify the interface and
the function names got a new prefix that indicates that these functions
are for internal use and not part of the public interface.
2017-05-11 22:42:14 +01:00
Janos Follath
ee782bcd54 Adjust documentation to new ECP function names. 2017-05-11 22:42:14 +01:00
Janos Follath
552f6b6d17 Add global mutex for asymmetric crypto accelerator
The primary use case behind providing an abstraction layer to enable
alternative Elliptic Curve Point arithmetic implementation, is making
use of cryptographic acceleration hardware if it is present.

To provide thread safety for the hardware accelerator we need a mutex
to guard it.
2017-05-11 22:42:14 +01:00
Janos Follath
16e63ea2e2 Fix alternative ECP function names
The alternative Elliptic Curve Point arithmetic functions didn't have
an 'mbedtls_' prefix as required by check-names.sh.
2017-05-11 22:42:14 +01:00
Janos Follath
4d9c69dde8 Fix ECP alternative macro names
The compile time macros enabling the initialisation and deinitialisation
in the alternative Elliptic Curve Point arithmetic implementation had
names that did not end with '_ALT' as required by check-names.sh.
2017-05-11 22:42:14 +01:00
Janos Follath
47d28f08a6 Remove alt_internal directory 2017-05-11 22:42:14 +01:00
Janos Follath
372697b6b7 Clean up ECP abstraction layer code
This commit fixes several style issues and fixes in the documentation
of the Elliptic Curve Point arithmetic abstraction layer.
2017-05-11 22:42:14 +01:00
Janos Follath
b069753313 ECP: Add module and function level replacement options. 2017-05-11 22:42:14 +01:00
Hanno Becker
b2034b7785 Fix potential stack underflow in mpi_read_file.
When provided with an empty line, mpi_read_file causes a numeric
underflow resulting in a stack underflow. This commit fixes this and
adds some documentation to mpi_read_file.
2017-05-09 10:29:06 +01:00
Hanno Becker
4bcb4914c5 Abort modular inversion when modulus is one.
The modular inversion function hangs when provided with the modulus 1. This commit refuses this modulus with a BAD_INPUT error code. It also adds a test for this case.
2017-05-08 14:47:04 +01:00
Steven Cooreman
6334277320 Allow alternate core implementation of CMAC 2017-04-04 11:47:16 +02:00
Steven Cooreman
222e2ff421 Allow alternate core implementation of CCM 2017-04-04 11:37:15 +02:00
Janos Follath
0a5154b8a1 Clarify the use of ECDSA API
In the ecdsa.c sample application we don't use hashing, we use ecdsa
directly on a buffer containing plain text. Although the text explains
that it should be the message hash it still can be confusing.

Any misunderstandings here are potentially very dangerous, because ECDSA
truncates the message hash if necessary and this can lead to trivial
signature forgeries if the API is misused and the message is passed
directly to the function without hashing.

This commit adds a hash computation step to the ecdsa.c sample
application and clarification to the doxygen documentation of the
ECDSA functions involved.
2017-03-10 11:31:41 +00:00
Jaakko Korhonen
aca11a071d Fixed typo in ssl.h 2017-02-28 08:58:02 +00:00
Simon Butcher
ee75b9b417 Add clarification to the TLS renegotiation period
Expanded details on use of mbedtls_ssl_conf_renegotiation_period()
2017-02-03 00:21:28 +00:00
Simon Butcher
1d4db5b7b5 Merge 'iotssl-1099-incorrect-renego-dtls'
Fix an incorrect condition in ssl_check_ctr_renegotiate() that compared
64 bits of record counter instead of 48 bits as described in RFC 6347
Section 4.3.1. This would cause the function's return value to be
occasionally incorrect and the renegotiation routines to be triggered
at unexpected times.
2017-02-02 23:47:08 +00:00
Simon Butcher
a90f6bd657 Merge PR #737 - type in ssl.h 2017-02-02 15:32:47 +00:00
Simon Butcher
4d1e104bc1 Merge iotssl-1079-macro-redefinition-warning
Fix redefinition of macro ssl_set_bio to undefined symbol
mbedtls_ssl_set_bio_timeout in compat-1.3.h.
2017-02-02 12:19:04 +00:00
Andres AG
18c5c59b5b Fix renegotiation at incorrect times in DTLS
Fix an incorrect condition in ssl_check_ctr_renegotiate() that compared
64 bits of record counter instead of 48 bits as described in RFC 6347
Section 4.3.1. This would cause the function's return value to be
occasionally incorrect and the renegotiation routines to be triggered
at unexpected times.
2017-01-19 16:30:15 +00:00
Jaakko Korhonen
14918fbda4 Fixed typo in ssl.h 2017-01-09 11:07:46 +02:00
Simon Butcher
f4957a8855 Clarify CMAC API
Added additional text to cmac.h to make the API clearer.
2016-12-14 15:27:22 +00:00
Janos Follath
1808dc01bd Update library version number to 2.4.1 2016-12-13 16:00:52 +00:00
Andres AG
ee7157e735 Fix redefinition of macro ssl_set_bio
Fix redefinition of macro ssl_set_bio to undefined symbol
mbedtls_ssl_set_bio_timeout in compat-1.3.h.
2016-12-07 10:27:00 +00:00
DSiekmeier
b67c897ded removed outdated comment 2016-11-17 14:17:23 +00:00
Brian J Murray
2adecba01f Clarify Comments and Fix Typos (#651)
Fixes many typos, and errors in comments.

* Clarifies many comments
* Grammar correction in config.pl help text
* Removed comment about MBEDTLS_X509_EXT_NS_CERT_TYPE.
* Comment typo fix (Dont => Don't)
* Comment typo fix (assure => ensure)
* Comment typo fix (byes => bytes)
* Added citation for quoted standard
* Comment typo fix (one complement => 1's complement)

The is some debate about whether to prefer "one's complement",  "ones'
complement", or "1's complement".  The more recent RFCs related to TLS
(RFC 6347,  RFC 4347, etc) use " 1's complement", so I followed that
convention.

* Added missing ")" in comment
* Comment alignment
* Incorrect comment after #endif
2016-11-06 12:45:15 +00:00
Simon Butcher
2cb4739ad2 Fix multiple erroneously named source files in comments
This fixes many incorrect references to filenames in the comments in config.h.
2016-11-04 12:23:11 +00:00
Simon Butcher
16c54ee9c8 Update library version number to 2.4.0 2016-10-16 19:34:39 +01:00
Simon Butcher
8e00410402 Merge fix for AEAD Random IVs 2016-10-14 00:48:33 +01:00
Simon Butcher
99000142cb Merge fix for IE Certificate Compatibility 2016-10-13 17:21:01 +01:00
Andres AG
314d8a8400 Fix documentation for mbedtls_gcm_finish()
Fix implementation and documentation missmatch for the function
arguments to mbedtls_gcm_finish(). Also, removed redundant if condition
that always evaluates to true.
2016-10-13 13:54:47 +01:00
Andres AG
2280e9cc48 Fix typo in docs for mbedtls_x509write_csr_der() 2016-10-13 13:53:56 +01:00
Janos Follath
2b3b740574 Remove unnecessary flag from CMAC context 2016-10-13 13:53:33 +01:00
Andres AG
8254b6c9f3 Clean up of formatting, and potential integer overflow fix 2016-10-13 13:51:13 +01:00
Simon Butcher
f394e09431 Clean up and minor fixes following review
Minor fixes following review including:
    * formatting changes including indentation and code style
    * corrections
    * removal of debug code
    * clarification of code through variable renaming
    * memory leak
    * compiler warnings
2016-10-13 13:51:12 +01:00
Simon Butcher
5805fbedcb Fix CMAC interface for doxygen
Parameters didn't match the function definition.
2016-10-13 13:51:12 +01:00
Simon Butcher
08e890004c Fix naming in cmac.h to comply with check-names.sh 2016-10-13 13:51:12 +01:00
Simon Butcher
59b4c888fe Clean up comment formatting in md.h 2016-10-13 13:51:12 +01:00
Simon Butcher
53b5e9c0a9 Remove CMAC as a separate and independent error group 2016-10-13 13:51:12 +01:00
Simon Butcher
0c79073a8b Refactor and change CMAC interface
Change the CMAC interface to match the mbedtls_md_hmac_xxxx() interface. This
changes the overall design of the CMAC interface to make it more consistent with
the existing HMAC interface, and will allow incremental updates of input data
rather than requiring all data to be presented at once, which is what the
current interface requires.
2016-10-13 13:51:11 +01:00
Brian Murray
57104fb773 Specify AES-CMAC-PRF buffer output size in comment 2016-10-13 13:51:11 +01:00
Brian Murray
5168618294 Minor fixes to comments 2016-10-13 13:51:11 +01:00
Brian Murray
3d64431a33 Minor CMAC fixes for merge 2016-10-13 13:51:11 +01:00
Brian Murray
ba426948b2 Minor change to pass build tests 2016-10-13 13:51:10 +01:00
Brian Murray
6eae89bb6f No CMAC minimum tag length is specified by NIST SP800-38B A
Minor Typo Changes
2016-10-13 13:51:10 +01:00
Brian Murray
86ff986884 selftest supports cmac if only MBEDTLS_DES_C is defined
Other minor typo fixes
2016-10-13 13:51:10 +01:00
Brian Murray
afdb60f84f Only compile AES CMAC PRF support if MBEDTLS_AES_C is defined and other cleanups 2016-10-13 13:51:09 +01:00
Brian Murray
029d79bf25 Updated comments for CMAC in config.h 2016-10-13 13:51:09 +01:00
Brian Murray
7c6476c330 CMAC support for cipher with 64bit blocks (DES/3DES) 2016-10-13 13:51:09 +01:00
Manuel Pégourié-Gonnard
2b0e21f130 cmac: more cosmetic changes 2016-10-13 13:51:09 +01:00
Manuel Pégourié-Gonnard
9c83eebe67 cmac: improve argument order and naming
- always use the pattern "buffer, length"
- avoid using unqualified "length" as a name when there are more than one
2016-10-13 13:51:08 +01:00
Robert Cragie
9bf1e5dd3b Line endings wrong 2016-10-13 13:51:08 +01:00
Robert Cragie
468320d6f5 Bad code in function documentation 2016-10-13 13:51:08 +01:00
Robert Cragie
2fa11cd197 Added CMAC as proper low-level module and changed error returns 2016-10-13 13:51:07 +01:00
Robert Cragie
45feb6ef20 Add support for AES-128-CMAC and AES-CMAC-PRF-128 2016-10-13 13:51:07 +01:00
Andres AG
94d73b0b0a Add config macro for min bytes hw entropy 2016-10-13 13:48:48 +01:00
Andres AG
3616f6f261 Rename net.{c,h} to net_sockets.{c,h}
The library/net.c and its corresponding include/mbedtls/net.h file are
renamed to library/net_sockets.c and include/mbedtls/net_sockets.h
respectively. This is to avoid naming collisions in projects which also
have files with the common name 'net'.
2016-10-13 13:48:48 +01:00
Andres AG
f9113194af Allow the entry_name size to be set in config.h
Allow the size of the entry_name character array in x509_crt.c to be
configurable through a macro in config.h. entry_name holds a
path/filename string. The macro introduced in
MBEDTLS_X509_MAX_FILE_PATH_LEN.
2016-09-16 11:42:35 +01:00
Andres Amaya Garcia
a928e67278 Documentation and entropy self test changes (#610)
Ensure that the entropy self test always fails whenever
MBEDTLS_TEST_NULL_ENTROPY is defined. This is because the option is
meant to be for testing and development purposes rather than production
quality software. Also, this patch enhances the documentation for
mbedtls_entropy_source_self_test() and mbedtls_entropy_self_test().
2016-09-13 13:30:02 +01:00
Andres AG
e7723ec284 Make entropy bias self test poll multiple times
Instead of polling the hardware entropy source a single time and
comparing the output with itself, the source is polled at least twice
and make sure that the separate outputs are different.
2016-08-30 16:50:48 +01:00
Andres AG
b34e42e69e Add a new self test to entropy module
The self test is a quick way to check at startup whether the entropy
sources are functioning correctly. The self test only polls 8 bytes
from the default entropy source and performs the following checks:

- The bytes are not all 0x00 or 0xFF.
- The hardware does not return an error when polled.
- The entropy does not provide data in a patter. Only check pattern
  at byte, word and long word sizes.
2016-08-30 16:50:48 +01:00
Brian J Murray
98844ff59f Fix minor typo in comments (#531) 2016-08-30 09:50:12 +01:00
Paul Bakker
c7d6bd4b5f Add mbedtls_asn1_write_len() support for 3 and 4 byte lengths
As a consequence also adds coverage for reading 3 and 4 byte lengths
(which were not covered before)
2016-08-25 15:42:27 +01:00
Paul Bakker
7eb1243fb4 Add check for lengths over 65535 in mbedtls_asn1_write_len() 2016-08-25 15:42:27 +01:00
Andres Amaya Garcia
1e4ec667a4 Check time platform abstraction macro definitions (#534)
* Check time platform abstraction macro definitions

This patch adds some checks to check_config.h to ensure that macro
definitions for the time platform abstraction are acceptable. In this
case the requirements are:
  - MBEDTLS_PLATFORM_C and MBEDTLS_HAVE_TIME must be defined whenever
    MBEDTLS_PLATFORM_TIME_ALT, MBEDTLS_PLATFORM_TIME_TYPE_MACRO or
    MBEDTLS_PLATFORM_TIME_MACRO is defined.
  - MBEDTLS_PLATFORM_STD_TIME and MBEDTLS_PLATFORM_TIME_ALT cannot be
    defined simultaneously with MBEDTLS_PLATFORM_TIME_TYPE_MACRO or
    MBEDTLS_PLATFORM_TIME_MACRO.
  - MBEDTLS_HAVE_TIME and MBEDTLS_PLATFORM_TIME_ALT must be defined
    whenever MBEDTLS_PLATFORM_STD_TIME is defined.

* Document requirements for time abstraction macros

Document that time platform abstraction macros
MBEDTLS_PLATFORM_TIME_ALT, MBEDTLS_PLATFORM_TIME_MACRO,
MBEDTLS_PLATFORM_TIME_TYPE_MACRO and MBEDTLS_PLATFORM_STD_TIME require
MBEDTLS_HAVE_TIME to be defined in config.h.

* Fix requires comment in config.h

* Split preprocessor condition for simplicity
2016-07-20 10:16:25 +01:00
Simon Butcher
b5b6af2663 Puts platform time abstraction into its own header
Separates platform time abstraction into it's own header from the
general platform abstraction as both depend on different build options.
(MBEDTLS_PLATFORM_C vs MBEDTLS_HAVE_TIME)
2016-07-13 14:46:18 +01:00
James Cowgill
7247f99b3e Fixes missing dependency in ss.h on platform.h
Fixes #522 - 'mbedtls_time_t does not name a type in ssl.h'
2016-07-11 13:57:05 +01:00
Simon Butcher
1d46a2d5aa Fix issue with reuse of custom yotta configs for target_config.h (#530) 2016-07-11 10:17:03 +01:00
Simon Butcher
905cef6c2c Changed library version number to 2.3.0 2016-06-27 19:36:45 +01:00
Simon Butcher
ab069c6b46 Merge branch 'development' into development-restricted 2016-06-23 21:42:26 +01:00
Simon Butcher
b2c81b12bb Added target_config.h as a custom header for yotta use 2016-06-23 13:56:06 +01:00
Janos Follath
efc665f80f Fix mbedtls_ssl_set_hostname documentation 2016-06-22 00:21:32 +01:00
Janos Follath
1b8571cd25 Merge branch 'development' into development-restricted 2016-06-21 13:51:17 +01:00
Aaron Jones
d96e526093 ssl.h: tidy up the documentation comments (#505)
ssl.h: Tidy up and correct documentation errors.
2016-06-17 15:40:41 +01:00
Janos Follath
15ab7ed0f3 Merge branch 'development' into development-restricted
Conflicts:
	programs/pkey/rsa_decrypt.c
	programs/pkey/rsa_encrypt.c
	programs/test/selftest.c
2016-06-14 09:20:46 +01:00
Simon Butcher
4157b6004d Renames null entropy source function for clarity 2016-06-12 00:31:33 +01:00
Simon Butcher
ab5df40054 Rename the 'no entropy' feature to MBEDTLS_TEST_NULL_ENTROPY
Following review and for clarity, changed the name of the feature to 'null
entropy'.
2016-06-11 02:31:21 +01:00
Simon Butcher
30b5f978eb Removes target_config.h file from default and thread configs
target_config.h is no longer needed for target/platform configurations so
this change removes it from the default and platform configurations for mbed
builds.
2016-06-10 19:42:15 +01:00
Paul Bakker
71a597a2ba Update documentation for MBEDTLS_ENTROPY_NV_SEED 2016-06-10 19:42:15 +01:00
Paul Bakker
fc9c7c8bf4 Initial entropy run should be context specific
Otherwise test influence each other.
Is a change to the context but only if the NV seed feature is enabled
2016-06-10 19:42:15 +01:00
Paul Bakker
66fdf34e81 Add MBEDTLS_FS_IO guard on default NV seed defines in platform.h
The default implementation won't work without MBEDTLS_FS_IO, so
leave undefined otherwise.
2016-06-10 19:42:15 +01:00
Paul Bakker
d5c9f6d226 Automatically update NV seed on initial entropy run
Update the NV entropy seed before generating any entropy for outside
use. The reason this is triggered here and not in mbedtls_entropy_init(),
is that not all entropy sources mights have been added at that time.
2016-06-10 19:42:14 +01:00
Paul Bakker
9988d6bbd9 Introduce mbedtls_nv_seed_poll() entropy polling function 2016-06-10 19:42:14 +01:00
Paul Bakker
cf0a9f96c5 Introduce platform-layer functions for reading/writing seed from NV
Introduces mbedtls_nv_seed_read() and mbedtls_nv_seed_write().

The platform-layer functions are only available when
MBEDTLS_ENTROPY_NV_SEED is enabled.
2016-06-10 19:42:14 +01:00
Janos Follath
f93b8bc2e0 Add requirements for the entropy safety switch in documentation. 2016-06-09 13:54:15 +01:00
Janos Follath
53de78444c Add entropy safety switch.
Add a switch that turns entropy collecting off entirely, but enables
mbed TLS to run in an entirely unsafe mode. Enables to test mbed TLS
on platforms that don't have their entropy sources integrated yet.
2016-06-09 11:54:54 +01:00
Janos Follath
ce52d7823c Address user reported coverity issues. 2016-06-07 14:52:35 +01:00
Janos Follath
04b591ee79 Merge branch 'development' for weekly test report. 2016-05-31 10:18:41 +01:00
Simon Butcher
2917b9e5de Clarified function param in dhm.h 2016-05-25 00:59:37 +01:00
Simon Butcher
9c22e7311c Merge branch 'development' 2016-05-24 13:25:46 +01:00
Paul Bakker
cfe392bdd4 Add end guard comment 2016-05-23 14:29:31 +01:00
Embedthis Software
c0715cb39f Fix single threaded builds 2016-05-23 14:29:31 +01:00
Simon Butcher
80119c5d28 Fixes minor typos in comments in pk.h and ctr_drbg.c
Fixes typos in PRs #475 and #437
2016-05-23 14:29:30 +01:00
Paul Bakker
4fde40f656 Fix logic to allow at least one PKCS version enabled 2016-05-23 14:29:30 +01:00
Paul Bakker
37068a79fe Add check to prevent enabling of RSA without selecting PKCS version(s) 2016-05-23 14:29:30 +01:00
SimonB
295dfa24e7 Clarifies documentation on reported memory statistics 2016-05-23 14:29:29 +01:00
James Cowgill
c788b4cb5a Fix segfault on x32 by using better register constraints in bn_mul.h
On x32, pointers are only 4-bytes wide and need to be loaded using the "movl"
instruction instead of "movq" to avoid loading garbage into the register.

The MULADDC routines for x86-64 are adjusted to work on x32 as well by getting
gcc to load all the registers for us in advance (and storing them later) by
using better register constraints. The b, c, D and S constraints correspond to
the rbx, rcx, rdi and rsi registers respectively.
2016-05-23 14:29:28 +01:00
Simon Butcher
db0feca55c Fixes platform time_t abstraction
Fixes platform abstraction in error.c and the file that it's generated
from as well as DTLS samples.
2016-05-17 00:03:14 +01:00
Paul Bakker
9edf1eb062 Merge pull request #376 from jcowgill/x32
Support for x32
2016-05-11 20:40:08 +02:00
Paul Bakker
e049ccd405 Add end guard comment 2016-05-11 14:13:02 +01:00
Embedthis Software
17ddff5eaf Fix single threaded builds 2016-05-11 14:13:02 +01:00
Simon Butcher
295639bfa1 Fixes minor typos in comments in pk.h and ctr_drbg.c
Fixes typos in PRs #475 and #437
2016-05-10 19:39:36 +01:00
Attila Molnar
7e8a6fb78c Fix minor doc issue 2016-05-05 14:28:28 +01:00
SimonB
5be3a25691 Clarifies documentation on reported memory statistics 2016-05-05 14:25:03 +01:00
Attila Molnar
0b98d2f086 Fix minor doc issue 2016-05-02 11:06:47 +02:00
Simon Butcher
80aea30aa5 Fixes syntax and naming for check-names.sh
Some macros were failing checks by check-names.sh
2016-04-27 00:28:14 +01:00
Simon Butcher
3fe6cd3a2d Fixes time() abstraction for custom configs
Added platform abstraction of time() to ChangeLog, version features, and fixed the build for dynamic configuration.
2016-04-26 19:51:29 +01:00
SimonB
d5800b7761 Abstracts away time()/stdlib.h into platform
Substitutes time() into a configurable platform interface to allow it to be
easily substituted.
2016-04-26 14:49:59 +01:00
Janos Follath
c351d18c0e Restore a change in the documentation.
Using the wildcard name MBEDTLS_PLATFORM_XXX_ALT made the Travis build
fail.
2016-03-21 08:43:59 +00:00
Janos Follath
d75b782d0d Fix a typo that confuses check-names.sh 2016-03-18 16:47:10 +00:00
Janos Follath
9194744595 Add exit value macros to platform abstraction layer. 2016-03-18 14:05:28 +00:00